ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

Written by

The Hacker NewsThe North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks.
The campaign, codenamed Ruby Jumper by Zscaler ThreatLabz, involves the deployment of malware

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

Comments

Leave a Reply Cancel reply

More posts

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute